commit: feb423dabdacb8a9a5e639f8d715e20aa3d8d4f2 |
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
AuthorDate: Thu Nov 1 20:20:45 2012 +0000 |
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
CommitDate: Thu Nov 1 20:20:45 2012 +0000 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=feb423da |
|
Further reshuffle additions into their own ifdef group |
|
--- |
policy/modules/contrib/mozilla.te | 197 +++++++++++++++++++------------------ |
1 files changed, 103 insertions(+), 94 deletions(-) |
|
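diff --git a/policy/modules/contrib/mozilla.te b/policy/modules/contrib/mozilla.te
index fca9e78..074676e 100644
--- a/policy/modules/contrib/mozilla.te
+++ b/policy/modules/contrib/mozilla.te
@@ -99,7 +99,6 @@ allow mozilla_t self:sem create_sem_perms;
 allow mozilla_t self:socket create_socket_perms;
 allow mozilla_t self:unix_stream_socket { accept listen };
 
-allow mozilla_t mozilla_plugin_t:process { rlimitinh siginh noatsecure };
 allow mozilla_t mozilla_plugin_t:unix_stream_socket rw_socket_perms;
 allow mozilla_t mozilla_plugin_t:fd use;
 
@@ -114,7 +113,6 @@ userdom_user_home_dir_filetrans(mozilla_t, mozilla_home_t, dir, ".phoenix")
 filetrans_pattern(mozilla_t, mozilla_home_t, mozilla_plugin_home_t, dir, "plugins")
 
 manage_files_pattern(mozilla_t, mozilla_tmp_t, mozilla_tmp_t)
-manage_fifo_files_pattern(mozilla_t, mozilla_tmp_t, mozilla_tmp_t)
 manage_dirs_pattern(mozilla_t, mozilla_tmp_t, mozilla_tmp_t)
 files_tmp_filetrans(mozilla_t, mozilla_tmp_t, { file dir })
 
@@ -131,9 +129,9 @@ allow mozilla_t mozilla_plugin_rw_t:lnk_file read_lnk_file_perms;
 stream_connect_pattern(mozilla_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t, mozilla_plugin_t)
 
 kernel_read_kernel_sysctls(mozilla_t)
-kernel_read_net_sysctls(mozilla_t)
 kernel_read_network_state(mozilla_t)
 kernel_read_system_state(mozilla_t)
+kernel_read_net_sysctls(mozilla_t)
 
 corecmd_list_bin(mozilla_t)
 corecmd_exec_shell(mozilla_t)
@@ -144,9 +142,6 @@ corenet_all_recvfrom_netlabel(mozilla_t)
 corenet_tcp_sendrecv_generic_if(mozilla_t)
 corenet_tcp_sendrecv_generic_node(mozilla_t)
 
-corenet_dontaudit_tcp_bind_generic_port(mozilla_t)
-corenet_dontaudit_tcp_sendrecv_generic_port(mozilla_t)
-
 corenet_sendrecv_http_client_packets(mozilla_t)
 corenet_tcp_connect_http_port(mozilla_t)
 corenet_tcp_sendrecv_http_port(mozilla_t)
@@ -175,10 +170,6 @@ corenet_sendrecv_speech_client_packets(mozilla_t)
 corenet_tcp_connect_speech_port(mozilla_t)
 corenet_tcp_sendrecv_speech_port(mozilla_t)
 
-corenet_sendrecv_tor_client_packets(mozilla_t)
-corenet_tcp_connect_tor_port(mozilla_t)
-corenet_tcp_sendrecv_tor_port(mozilla_t)
-
 dev_getattr_sysfs_dirs(mozilla_t)
 dev_read_sound(mozilla_t)
 dev_read_rand(mozilla_t)
@@ -210,17 +201,88 @@ miscfiles_read_fonts(mozilla_t)
 miscfiles_read_localization(mozilla_t)
 miscfiles_dontaudit_setattr_fonts_dirs(mozilla_t)
 
-userdom_search_user_home_dirs(mozilla_t)
 userdom_use_user_ptys(mozilla_t)
 
 mozilla_run_plugin(mozilla_t, mozilla_roles)
 mozilla_run_plugin_config(mozilla_t, mozilla_roles)
 
-xdg_manage_downloads_home(mozilla_t)
-
-xserver_dontaudit_getattr_xdm_tmp_sockets(mozilla_t)
-xserver_dontaudit_read_xdm_tmp_files(mozilla_t)
 xserver_user_x_domain_template(mozilla, mozilla_t, mozilla_tmpfs_t)
+xserver_dontaudit_read_xdm_tmp_files(mozilla_t)
+xserver_dontaudit_getattr_xdm_tmp_sockets(mozilla_t)
+
+ifdef(`distro_gentoo',`
+ allow mozilla_t mozilla_plugin_t:process { rlimitinh siginh noatsecure };
+
+ manage_fifo_files_pattern(mozilla_t, mozilla_tmp_t, mozilla_tmp_t)
+
+ corenet_dontaudit_tcp_bind_generic_port(mozilla_t)
+ corenet_dontaudit_tcp_sendrecv_generic_port(mozilla_t)
+ corenet_sendrecv_tor_client_packets(mozilla_t)
+ corenet_tcp_connect_tor_port(mozilla_t)
+ corenet_tcp_sendrecv_tor_port(mozilla_t)
+
+ userdom_search_user_home_dirs(mozilla_t)
+
+ xdg_manage_downloads_home(mozilla_t)
+ xdg_read_generic_config_home_files(mozilla_t)
+ xdg_read_generic_data_home_files(mozilla_t)
+
+ #xserver_common_x_domain_template(mozilla_t, mozilla_tmpfs_t) is this
+ #not better than user_x_domain_template ?
+
+ # main refpolicy does not make this distinction anymore
+ # (allows manage rights automatically)
+ tunable_policy(`mozilla_read_user_content',`
+ userdom_list_user_tmp(mozilla_t)
+ userdom_read_user_home_content_files(mozilla_t)
+ userdom_read_user_home_content_symlinks(mozilla_t)
+ userdom_read_user_tmp_files(mozilla_t)
+ userdom_read_user_tmp_symlinks(mozilla_t)
+
+ ifndef(`enable_mls',`
+ fs_list_dos(mozilla_t)
+ fs_read_dos_files(mozilla_t)
+ fs_read_iso9660_files(mozilla_t)
+ fs_read_removable_files(mozilla_t)
+ fs_read_removable_symlinks(mozilla_t)
+ fs_search_removable(mozilla_t)
+ ')
+ ',`
+ files_dontaudit_list_home(mozilla_t)
+ files_dontaudit_list_tmp(mozilla_t)
+
+ fs_dontaudit_list_removable(mozilla_t)
+ fs_dontaudit_read_removable_files(mozilla_t)
+
+ userdom_dontaudit_list_user_home_dirs(mozilla_t)
+ userdom_dontaudit_list_user_tmp(mozilla_t)
+ userdom_dontaudit_read_user_home_content_files(mozilla_t)
+ userdom_dontaudit_read_user_tmp_files(mozilla_t)
+ ')
+
+ optional_policy(`
+ tunable_policy(`mozilla_use_java',`
+ #java_noatsecure_domtrans(mozilla_t)
+ # refpolicy method below, but we might want to introduce
+ # specific domains for this (like mozilla_java_t)? TODO
+ java_exec(mozilla_t)
+ java_manage_generic_home_content(mozilla_t)
+ ')
+
+ java_home_filetrans_java_home(mozilla_t, dir, ".java")
+
+ # Cannot handle optional_policy within tunable_policy
+ optional_policy(`
+ tunable_policy(`mozilla_use_java',`
+ chromium_tmp_filetrans(mozilla_t, mozilla_tmp_t, fifo_file)
+ ')
+ ')
+ ')
+
+ optional_policy(`
+ nscd_socket_use(mozilla_t)
+ ')
+')
 
 tunable_policy(`allow_execmem',`
 allow mozilla_t self:process execmem;
@@ -242,36 +304,6 @@ tunable_policy(`use_samba_home_dirs',`
 fs_manage_cifs_symlinks(mozilla_t)
 ')
 
-# Specific for Gentoo, main refpolicy does not make this distinction anymore
-# (allows manage rights automatically)
-tunable_policy(`mozilla_read_user_content',`
- userdom_list_user_tmp(mozilla_t)
- userdom_read_user_home_content_files(mozilla_t)
- userdom_read_user_home_content_symlinks(mozilla_t)
- userdom_read_user_tmp_files(mozilla_t)
- userdom_read_user_tmp_symlinks(mozilla_t)
-
- ifndef(`enable_mls',`
- fs_list_dos(mozilla_t)
- fs_read_dos_files(mozilla_t)
- fs_read_iso9660_files(mozilla_t)
- fs_read_removable_files(mozilla_t)
- fs_read_removable_symlinks(mozilla_t)
- fs_search_removable(mozilla_t)
- ')
-',`
- files_dontaudit_list_home(mozilla_t)
- files_dontaudit_list_tmp(mozilla_t)
-
- fs_dontaudit_list_removable(mozilla_t)
- fs_dontaudit_read_removable_files(mozilla_t)
-
- userdom_dontaudit_list_user_home_dirs(mozilla_t)
- userdom_dontaudit_list_user_tmp(mozilla_t)
- userdom_dontaudit_read_user_home_content_files(mozilla_t)
- userdom_dontaudit_read_user_tmp_files(mozilla_t)
-')
-
 optional_policy(`
 apache_read_user_scripts(mozilla_t)
 apache_read_user_content(mozilla_t)
@@ -314,25 +346,6 @@ optional_policy(`
 ')
 
 optional_policy(`
- tunable_policy(`mozilla_use_java',`
- #java_noatsecure_domtrans(mozilla_t)
- # refpolicy method below, but we might want to introduce
- # specific domains for this (like mozilla_java_t)? TODO
- java_exec(mozilla_t)
- java_manage_generic_home_content(mozilla_t)
- ')
-
- java_home_filetrans_java_home(mozilla_t, dir, ".java")
-
- # Cannot handle optional_policy within tunable_policy
- optional_policy(`
- tunable_policy(`mozilla_use_java',`
- chromium_tmp_filetrans(mozilla_t, mozilla_tmp_t, fifo_file)
- ')
- ')
-')
-
-optional_policy(`
 lpd_run_lpr(mozilla_t, mozilla_roles)
 ')
 
@@ -343,10 +356,6 @@ optional_policy(`
 ')
 
 optional_policy(`
- nscd_socket_use(mozilla_t)
-')
-
-optional_policy(`
 pulseaudio_role(mozilla_roles, mozilla_t)
 ')
 
@@ -354,11 +363,6 @@ optional_policy(`
 thunderbird_domtrans(mozilla_t)
 ')
 
-optional_policy(`
- xdg_read_generic_config_home_files(mozilla_t)
- xdg_read_generic_data_home_files(mozilla_t)
-')
-
 ########################################
 #
 # Plugin local policy
@@ -367,12 +371,10 @@ optional_policy(`
 dontaudit mozilla_plugin_t self:capability { ipc_lock sys_nice sys_ptrace sys_tty_config };
 allow mozilla_plugin_t self:process { setpgid getsched setsched signal_perms setrlimit };
 allow mozilla_plugin_t self:fifo_file manage_fifo_file_perms;
-allow mozilla_plugin_t self:netlink_route_socket r_netlink_socket_perms;
 allow mozilla_plugin_t self:netlink_kobject_uevent_socket create_socket_perms;
 allow mozilla_plugin_t self:sem create_sem_perms;
 allow mozilla_plugin_t self:shm create_shm_perms;
 allow mozilla_plugin_t self:tcp_socket { accept listen };
-allow mozilla_plugin_t self:udp_socket create_socket_perms;
 allow mozilla_plugin_t self:unix_dgram_socket sendto;
 allow mozilla_plugin_t self:unix_stream_socket { accept connectto listen };
 
@@ -466,10 +468,6 @@ corenet_sendrecv_monopd_client_packets(mozilla_plugin_t)
 corenet_tcp_connect_monopd_port(mozilla_plugin_t)
 corenet_tcp_sendrecv_monopd_port(mozilla_plugin_t)
 
-corenet_sendrecv_pulseaudio_client_packets(mozilla_plugin_t)
-corenet_tcp_connect_pulseaudio_port(mozilla_plugin_t)
-corenet_tcp_sendrecv_pulseaudio_port(mozilla_plugin_t)
-
 corenet_sendrecv_soundd_client_packets(mozilla_plugin_t)
 corenet_tcp_connect_soundd_port(mozilla_plugin_t)
 corenet_tcp_sendrecv_soundd_port(mozilla_plugin_t)
@@ -521,16 +519,36 @@ auth_use_nsswitch(mozilla_plugin_t)
 
 logging_send_syslog_msg(mozilla_plugin_t)
 
-miscfiles_dontaudit_setattr_fonts_cache_dirs(mozilla_plugin_t)
-miscfiles_dontaudit_setattr_fonts_dirs(mozilla_plugin_t)
+miscfiles_read_localization(mozilla_plugin_t)
 miscfiles_read_fonts(mozilla_plugin_t)
 miscfiles_read_generic_certs(mozilla_plugin_t)
-miscfiles_read_localization(mozilla_plugin_t)
 
-userdom_dontaudit_use_user_terminals(mozilla_plugin_t)
-userdom_rw_user_tmpfs_files(mozilla_plugin_t)
+ifdef(`distro_gentoo',`
+ allow mozilla_plugin_t self:netlink_route_socket r_netlink_socket_perms;
+ allow mozilla_plugin_t self:udp_socket create_socket_perms;
 
-xserver_user_x_domain_template(mozilla_plugin, mozilla_plugin_t, mozilla_plugin_tmpfs_t)
+ corenet_sendrecv_pulseaudio_client_packets(mozilla_plugin_t)
+ corenet_tcp_connect_pulseaudio_port(mozilla_plugin_t)
+ corenet_tcp_sendrecv_pulseaudio_port(mozilla_plugin_t)
+
+ miscfiles_dontaudit_setattr_fonts_cache_dirs(mozilla_plugin_t)
+ miscfiles_dontaudit_setattr_fonts_dirs(mozilla_plugin_t)
+
+ userdom_dontaudit_use_user_terminals(mozilla_plugin_t)
+ userdom_rw_user_tmpfs_files(mozilla_plugin_t)
+
+ xdg_read_generic_config_home_files(mozilla_plugin_t)
+
+ xserver_user_x_domain_template(mozilla_plugin, mozilla_plugin_t, mozilla_plugin_tmpfs_t)
+
+ optional_policy(`
+ alsa_domain(mozilla_plugin_t, mozilla_plugin_tmpfs_t)
+ ')
+
+ optional_policy(`
+ flash_manage_home(mozilla_plugin_t)
+ ')
+')
 
 tunable_policy(`allow_execmem',`
 allow mozilla_plugin_t self:process execmem;
@@ -554,7 +572,6 @@ tunable_policy(`use_samba_home_dirs',`
 
 optional_policy(`
 alsa_read_rw_config(mozilla_plugin_t)
- alsa_domain(mozilla_plugin_t, mozilla_plugin_tmpfs_t)
 alsa_read_home_files(mozilla_plugin_t)
 ')
 
@@ -569,10 +586,6 @@ optional_policy(`
 ')
 
 optional_policy(`
- flash_manage_home(mozilla_plugin_t)
-')
-
-optional_policy(`
 gnome_manage_generic_home_content(mozilla_plugin_t)
 gnome_home_filetrans_gnome_home(mozilla_plugin_t, dir, ".gnome")
 gnome_home_filetrans_gnome_home(mozilla_plugin_t, dir, ".gnome2")
@@ -608,10 +621,6 @@ optional_policy(`
 ')
 
 optional_policy(`
- xdg_read_generic_config_home_files(mozilla_plugin_t)
-')
-
-optional_policy(`
 xserver_read_user_xauth(mozilla_plugin_t)
 xserver_read_xdm_pid(mozilla_plugin_t)
 xserver_stream_connect(mozilla_plugin_t)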
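Review bot: The two new `ifdef(`distro_gentoo',` blocks gather rules that widen the domains relative to the rest of the file — the `rlimitinh siginh noatsecure` grant on the mozilla_t → mozilla_plugin_t transition, the plugin's `udp_socket` and `netlink_route_socket` permissions, and the tor-port rules — but neither block records why they are kept, so a later sync against upstream cannot tell a deliberate deviation from a leftover. A one-line header on each block such as `# Gentoo-specific additions not present in upstream refpolicy` plus a why-comment on the `noatsecure` line would preserve that rationale. The comments moved into the block, `#xserver_common_x_domain_template(mozilla_t, mozilla_tmpfs_t) is this` / `#not better than user_x_domain_template ?` and `#java_noatsecure_domtrans(mozilla_t)`, are open questions carried as commented-out policy and should be either resolved or reduced to a single `# TODO:` line. Placing `xserver_user_x_domain_template(mozilla_plugin, mozilla_plugin_t, mozilla_plugin_tmpfs_t)` inside the Gentoo-only block presumably leaves mozilla_plugin_t without the X domain template on a non-Gentoo build of this policy unless upstream grants it elsewhere; worth confirming that is intended.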